GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
22,329 advisories
CVE-2025-24357 Malicious model remote code execution fix bypass with PyTorch < 2.6.0
Critical
GHSA-ggpf-24jw-3fcw
was published
for
vllm
(pip)
Apr 23, 2025
Wazuh server vulnerable to remote code execution
Critical
CVE-2025-24016
was published
for
github.com/wazuh/wazuh
(Go)
Apr 22, 2025
io.jmix.localfs:jmix-localfs has a Path Traversal in Local File Storage
Moderate
CVE-2025-32950
was published
for
io.jmix.localfs:jmix-localfs
(Maven)
Apr 22, 2025
OctoPrint Authenticated Reverse Proxy Page Authentication Bypass
Moderate
CVE-2025-32788
was published
for
octoprint
(pip)
Apr 22, 2025
Harden-Runner allows evasion of 'disable-sudo' policy
Moderate
CVE-2025-32955
was published
for
step-security/harden-runner
(GitHub Actions)
Apr 22, 2025
Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS
Moderate
CVE-2025-32963
was published
for
github.com/minio/operator
(Go)
Apr 21, 2025
In Cilium, packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters
Moderate
CVE-2025-32793
was published
for
github.com/cilium/cilium
(Go)
Apr 21, 2025
ProTip!
Advisories are also available from the
GraphQL API